Skip to content

[9.1] [Entity Analytics] Adding license check to privileged user monitoring routes. (#247986)#248547

Merged
ymao1 merged 14 commits intoelastic:9.1from
ymao1:backport/9.1/pr-247986
Jan 20, 2026
Merged

[9.1] [Entity Analytics] Adding license check to privileged user monitoring routes. (#247986)#248547
ymao1 merged 14 commits intoelastic:9.1from
ymao1:backport/9.1/pr-247986

Conversation

@ymao1
Copy link
Copy Markdown
Contributor

@ymao1 ymao1 commented Jan 9, 2026

Backport

This will backport the following commits from main to 9.1:

Questions ?

Please refer to the Backport tool documentation

@ymao1
[Entity Analytics] Adding license check to privileged user monitoring…
9f377a7 
… routes. (elastic#247986)

## Summary

Adds a license check to the route handlers for all the privileged user
monitoring routes. This feature should only be available in for
`platinum` or `enterprise` licenses. The UI correctly gates on this
license and does not show the UI for initializing the engine for `basic`
licenses but the direct API calls did not perform any license checks.

## To Verify
1. Start ES using `yarn es snapshot --license basic --ssl`
2. Start Kibana using `yarn start --ssl`
3. Try to initialize the privileged user monitoring engine using the API
in Dev Tools. You should receive an error response:
<img width="1147" height="162" alt="Screenshot 2026-01-07 at 1 55 40 PM"
src="https://github.com/user-attachments/assets/b0bc40a5-4b14-4701-b452-68e1a766b01c"
/>

4. Go to license management:
`https://localhost:5601/app/management/stack/license_management` and
start a trial license.
5. Navigate back to Dev Tools and try the same API call. You should now
receive a success response:
<img width="978" height="187" alt="Screenshot 2026-01-06 at 1 36 31 PM"
src="https://github.com/user-attachments/assets/13989216-5ddd-4495-86c4-1c95ed294bcd"
/>

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
(cherry picked from commit 661530a)

# Conflicts:
#	x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privileged_user_monitoring/constants.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.test.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/create_index.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/delete.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/disable.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/health.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/init.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/create.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/delete.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/get.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/list.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/update.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_get_installation_status.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_install.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/schedule_now.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/search_indices.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/create.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/delete.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/list.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/update.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/upload_csv.ts
#	x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/index.ts
#	x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts
@ymao1 ymao1 requested a review from kibanamachine as a code owner January 9, 2026 22:06
@ymao1 ymao1 added the backport This PR is a backport of another PR label Jan 9, 2026
@ymao1 ymao1 enabled auto-merge (squash) January 9, 2026 22:06
@ymao1 ymao1 mentioned this pull request Jan 9, 2026
Merged
@ymao1
Copy link
Copy Markdown
Contributor Author

ymao1 commented Jan 12, 2026

@elasticmachine merge upstream

@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Jan 12, 2026
edited
Loading

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] Jest Integration Tests #2 / builds a generated plugin into a viable archive
  • [job] [logs] Jest Integration Tests #2 / builds a generated plugin into a viable archive

Metrics [docs]

✅ unchanged

History

@ymao1
Copy link
Copy Markdown
Contributor Author

ymao1 commented Jan 12, 2026

@elasticmachine merge upstream

@ymao1
Copy link
Copy Markdown
Contributor Author

ymao1 commented Jan 20, 2026

@elasticmachine merge upstream

@ymao1 ymao1 merged commit 407306b into elastic:9.1 Jan 20, 2026
13 checks passed
@ymao1 ymao1 deleted the backport/9.1/pr-247986 branch January 20, 2026 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@abhishekbhatia1710 abhishekbhatia1710 abhishekbhatia1710 approved these changes

@kibanamachine kibanamachine Awaiting requested review from kibanamachine kibanamachine is a code owner

Assignees

No one assigned

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ymao1 @elasticmachine @abhishekbhatia1710 @kibanamachine